research-article

Interactive privacy via the median mechanism

Authors:
Aaron Roth

Carnegie Mellon University, Pittsburgh, PA, USA

Carnegie Mellon University, Pittsburgh, PA, USA
View Profile

,
Tim Roughgarden

Stanford University, Stanford, CA, USA

Stanford University, Stanford, CA, USA
View Profile

STOC '10: Proceedings of the forty-second ACM symposium on Theory of computingJune 2010Pages 765–774https://doi.org/10.1145/1806689.1806794

Published:05 June 2010Publication History

STOC '10: Proceedings of the forty-second ACM symposium on Theory of computing

Pages 765–774

ABSTRACT

We define a new interactive differentially private mechanism --- the median mechanism --- for answering arbitrary predicate queries that arrive online. Given fixed accuracy and privacy constraints, this mechanism can answer exponentially more queries than the previously best known interactive privacy mechanism (the Laplace mechanism, which independently perturbs each query result). With respect to the number of queries, our guarantee is close to the best possible, even for non-interactive privacy mechanisms. Conceptually, the median mechanism is the first privacy mechanism capable of identifying and exploiting correlations among queries in an interactive setting.

We also give an efficient implementation of the median mechanism, with running time polynomial in the number of queries, the database size, and the domain size. This efficient implementation guarantees privacy for all input databases, and accurate query results for almost all input distributions. The dependence of the privacy on the number of queries in this mechanism improves over that of the best previously known efficient mechanism by a super-polynomial factor, even in the non-interactive setting.

References

A. Blum, K. Ligett, and A. Roth. A learning theory approach to non-interactive database privacy. In Proceedings of the 40th annual ACM symposium on Theory of computing, pages 609--618. ACM New York, NY, USA, 2008. Google ScholarDigital Library
L. Devroye. Non-uniform random variate generation. 1986.Google Scholar
M. Dyer, A. Frieze, and R. Kannan. A random polynomial-time algorithm for approximating the volume of convex bodies. Journal of the ACM (JACM), 38(1):1--17, 1991. Google ScholarDigital Library
C. Dwork, F. McSherry, K. Nissim, and A. Smith. Calibrating noise to sensitivity in private data analysis. In Proceedings of the Third Theory of Cryptography Conference TCC, volume 3876 of Lecture Notes in Computer Science, page 265. Springer, 2006. Google ScholarDigital Library
I. Dinur and K. Nissim. Revealing information while preserving privacy. In 22nd ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS), pages 202--210, 2003. Google ScholarDigital Library
9}DNRRV09C. Dwork, M. Naor, O. Reingold, G.N. Rothblum, and S. Vadhan. On the complexity of differentially private data release: efficient algorithms and hardness results. In Proceedings of the 41st annual ACM symposium on Symposium on theory of computing, pages 381--390. ACM New York, NY, USA, 2009. Google ScholarDigital Library
C. Dwork. Differential privacy: A survey of results. In Proceedings of Theory and Applications of Models of Computation, 5th International Conference, TAMC 2008, volume 4978 of Lecture Notes in Computer Science, page 1. Springer, 2008. Google ScholarDigital Library
A. Ghosh, T. Roughgarden, and M. Sundararajan. Universally utility-maximizing privacy mechanisms. In Proceedings of the 41st annual ACM symposium on Symposium on theory of computing, pages 351--360. ACM New York, NY, USA, 2009. Google ScholarDigital Library
M. Hardt and K. Talwar. On the Geometry of Differential Privacy. In The 42nd ACM Symposium on the Theory of Computing, 2010. STOC'10, 2010. Google ScholarDigital Library
S.P. Kasiviswanathan, H.K. Lee, K. Nissim, S. Raskhodnikova, and A. Smith. What Can We Learn Privately? In IEEE 49th Annual IEEE Symposium on Foundations of Computer Science, 2008. FOCS'08, pages 531--540, 2008. Google ScholarDigital Library
F. McSherry and K. Talwar. Mechanism design via differential privacy. In Proceedings of the 48th Annual Symposium on Foundations of Computer Science, 2007. Google ScholarDigital Library
J. Ullman and S. Vadhan. PCPs and the Hardness of Generating Synthetic Data . Manuscript, 2010.Google Scholar
V. Vapnik. Structure of statistical learning theory. Computational Learning and Probabilistic Reasoning, page 3, 1996.Google Scholar

Index Terms

Interactive privacy via the median mechanism
1. Theory of computation
  1. Design and analysis of algorithms

Recommendations

Enhancing the Trajectory Privacy with Laplace Mechanism
TRUSTCOM '15: Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA - Volume 01

Mobile-aware service systems are dramatically increasing the amount of personal data released to service providers as well as to third parties. Data may reveal individuals' physical conditions, habits, and sensitive information. It raises serious ...
Read More
Privacy-aware mechanism design
EC '12: Proceedings of the 13th ACM Conference on Electronic Commerce

Mechanism design deals with distributed algorithms that are executed with self-interested agents. The designer, whose objective is to optimize some function of the agents private types, needs to construct a computation that takes into account agent ...
Read More
Differential Privacy via a Truncated and Normalized Laplace Mechanism
Abstract
When querying databases containing sensitive information, the privacy of individuals stored in the database has to be guaranteed. Such guarantees are provided by differentially private mechanisms which add controlled noise to the query responses. ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
STOC '10: Proceedings of the forty-second ACM symposium on Theory of computing
June 2010
812 pages
ISBN:9781450300506
DOI:10.1145/1806689
General Chair:
Michael Mitzenmacher
Harvard
,
Program Chair:
Leonard J. Schulman
Caltech
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 5 June 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
differential privacy
online algorithm
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate1,469of4,586submissions,32%
Upcoming Conference
STOC '24

Sponsor:

sigact

56th Annual ACM Symposium on Theory of Computing (STOC 2024)

June 24 - 28, 2024

Vancouver , BC , Canada
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 161
  Total Citations
  View Citations
- 604
  Total Downloads
- Downloads (Last 12 months)20
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Interactive privacy via the median mechanism

STOC '10: Proceedings of the forty-second ACM symposium on Theory of computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

Enhancing the Trajectory Privacy with Laplace Mechanism

Privacy-aware mechanism design

Differential Privacy via a Truncated and Normalized Laplace Mechanism